1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
#!/bin/bash
set -u
TESTTYPE=gpg
test_dir=$(readlink -f "${0%/*}")
. "$test_dir/lib_test_uscan"
SUFFIX="1"
COMMAND="uscan"
tearDown(){
killHttpServer
echo
}
trap tearDown EXIT
helperCreateRepo () {
mkdir -p $PKG/debian
cat <<END > $PKG/debian/rules
#!/usr/bin/make -f
%:
dh $@
END
chmod +x $PKG/debian/rules
cat <<END > $PKG/debian/watch
version=4
${OPTS:-}http://localhost:$PORT/$PKG-(\d).tar.gz debian
END
cat <<END > $PKG/debian/changelog
$PKG (0+dfsg1-$SUFFIX) unstable; urgency=low
* Initial release
-- Joe Developer <jd@debian.org> Mon, 02 Nov 2013 22:21:31 -0100
END
cat <<'END' > $PKG/debian/copyright
Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
END
if [ -n "${SRCFORMAT:-}" ]; then
mkdir -p $PKG/debian/source
echo "$SRCFORMAT" > $PKG/debian/source/format
fi
mkdir -p $PKG/debian/upstream
cp -vf $test_dir/uscan/PUBLIC_KEY.asc $PKG/debian/upstream/signing-key.asc
}
helperTestDownloads() {
assertTrue 'downloaded tarfile not present' "[ -f "$TEMP_PKG_DIR"/${PKG}-1.tar.gz ]"
assertTrue 'downloaded signature not present' "[ -f "$TEMP_PKG_DIR"/${PKG}-1.tar.gz.asc ]"
assertTrue "no orig.tar.gz link" "[ -L "$TEMP_PKG_DIR"/${PKG}_1.orig.tar.gz ]"
assertTrue "no orig.tar.gz.asc link" "[ -L "$TEMP_PKG_DIR"/${PKG}_1.orig.tar.gz.asc ]"
}
testSimpleGpg() {
PKG=foo
TEMP_PKG_DIR=$(mktemp -d -p "$SHUNIT_TMPDIR")
spawnHttpServer
PORT=$(cat "$TEMP_PKG_DIR"/repo/port)
(
cd "$TEMP_PKG_DIR"
OPTS="opts=pgpsigurlmangle=s/$/.asc/,dversionmangle=s/@DEB_EXT@// "
SRCFORMAT="3.0 (quilt)"
helperCreateRepo
cd repo
tar cfz $PKG-1.tar.gz *
$GPG --homedir "$GPGHOME" --no-options -q --batch --no-default-keyring \
--default-key 72543FAF \
--armor --detach-sign $PKG-1.tar.gz
)
(cd "$TEMP_PKG_DIR"/$PKG ; $COMMAND)
assertEquals "uscan: exit_code!=0 but exit_code=0" "$?" "0"
helperTestDownloads
}
testCVE20258454withPgpSigUrlMangle() {
PKG=foo
TEMP_PKG_DIR=$(mktemp -d -p "$SHUNIT_TMPDIR")
spawnHttpServer
PORT=$(cat "$TEMP_PKG_DIR"/repo/port)
(
cd "$TEMP_PKG_DIR"
OPTS="opts=pgpsigurlmangle=s/$/.asc/,dversionmangle=s/@DEB_EXT@// "
SRCFORMAT="3.0 (quilt)"
helperCreateRepo
cd repo
tar cfz $PKG-1.tar.gz *
$GPG --homedir "$GPGHOME" --no-options -q --batch --no-default-keyring \
--default-key 72543FAF \
--armor --detach-sign $PKG-1.tar.gz
)
(cd "$TEMP_PKG_DIR"/$PKG ; $COMMAND)
assertEquals "uscan: exit_code!=0 but exit_code=0" "$?" "0"
helperTestDownloads
#rm -f "$TEMP_PKG_DIR"/${PKG}_1.orig.tar.gz.asc
(
cd "$TEMP_PKG_DIR"
tar czf ${PKG}-1.tar.gz *
)
(cd "$TEMP_PKG_DIR"/$PKG ; $COMMAND)
assertNotEquals "uscan: exit_code==0" "$?" "0"
}
testCVE20258454withPgpModeAuto() {
PKG=foo
TEMP_PKG_DIR=$(mktemp -d -p "$SHUNIT_TMPDIR")
spawnHttpServer
PORT=$(cat "$TEMP_PKG_DIR"/repo/port)
(
cd "$TEMP_PKG_DIR"
OPTS="opts=pgpmode=auto,dversionmangle=s/@DEB_EXT@// "
SRCFORMAT="3.0 (quilt)"
helperCreateRepo
cd repo
tar cfz $PKG-1.tar.gz *
$GPG --homedir "$GPGHOME" --no-options -q --batch --no-default-keyring \
--default-key 72543FAF \
--armor --detach-sign $PKG-1.tar.gz
)
(cd "$TEMP_PKG_DIR"/$PKG ; $COMMAND)
assertEquals "uscan: exit_code!=0 but exit_code=0" "$?" "0"
helperTestDownloads
#rm -f "$TEMP_PKG_DIR"/${PKG}_1.orig.tar.gz.asc
(
cd "$TEMP_PKG_DIR"
tar czf ${PKG}-1.tar.gz *
)
(cd "$TEMP_PKG_DIR"/$PKG ; $COMMAND)
assertNotEquals "uscan: exit_code==0" "$?" "0"
}
. shunit2
|
